Latest CVE Feed
-
4.3
MEDIUMCVE-2021-37213
The check-in record page of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability. After being authenticated as a general user, remote attackers can manipulate the employee ID and date in specific parameters to access particular employee’s ... Read more
Affected Products : flygo- EPSS Score: %0.11
- Published: Aug. 09, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-37212
The bulletin function of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability. After being authenticated as a general user, remote attackers can manipulate the bulletin ID in specific Url parameters and access and modify bulletin particula... Read more
Affected Products : flygo- EPSS Score: %0.11
- Published: Aug. 09, 2021
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2021-37211
The bulletin function of Flygo does not filter special characters while a new announcement is added. Remoter attackers can use the vulnerability with general user’s credential to inject JavaScript and execute stored XSS attacks.... Read more
Affected Products : flygo- EPSS Score: %0.16
- Published: Aug. 09, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-37207
A vulnerability has been identified in SENTRON powermanager V3 (All versions). The affected application assigns improper access rights to a specific folder containing configuration files. This could allow an authenticated local attacker to inject arbitrar... Read more
Affected Products : sentron_powermanager_3- EPSS Score: %0.03
- Published: Nov. 09, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-37206
A vulnerability has been identified in SIPROTEC 5 relays with CPU variants CP050 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP100 (All versions < V8.80), SIPROTEC 5 relays with CPU variants CP300 (All versions < V8.80). Received webpacket... Read more
- EPSS Score: %0.58
- Published: Sep. 14, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-37205
A vulnerability has been identified in SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V21.9 < V21.9.4), SIMATIC S7-1200 CPU family (incl. SIPLUS v... Read more
Affected Products : simatic_s7-1500_software_controller_firmware simatic_drive_controller_cpu_1504d_tf_firmware simatic_drive_controller_cpu_1507d_tf_firmware simatic_s7-plcsim_advanced_firmware siplus_tim_1531_irc_firmware tim_1531_irc_firmware simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware simatic_s7-1200_cpu_1211c_firmware simatic_s7-1200_cpu_1212c_firmware simatic_s7-1200_cpu_1214c_firmware +87 more products- EPSS Score: %1.14
- Published: Feb. 09, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-37204
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC Drive Controller family (All versions >= V2.9.2 < V2.9.4), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMAT... Read more
Affected Products : simatic_s7-1500_software_controller_firmware simatic_drive_controller_cpu_1504d_tf_firmware simatic_drive_controller_cpu_1507d_tf_firmware simatic_s7-plcsim_advanced_firmware siplus_tim_1531_irc_firmware tim_1531_irc_firmware simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware simatic_s7-1200_cpu_1211c_firmware simatic_s7-1200_cpu_1212c_firmware simatic_s7-1200_cpu_1214c_firmware +87 more products- EPSS Score: %1.43
- Published: Feb. 09, 2022
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2021-37203
A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The plmxmlAdapterIFC.dll contains an out-of-bounds read while parsing user supplied IFC files which could result in a read past the... Read more
- EPSS Score: %0.19
- Published: Sep. 14, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-37202
A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). The IFC adapter in affected application contains a use-after-free vulnerability that could be triggered while parsing user-supplied... Read more
- EPSS Score: %0.45
- Published: Sep. 14, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-37201
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). The web interface of affected devices is vulnerable to a Cross-Site Request Forgery (CSRF) attack. This could allow an attacker to manipulate the SINEC NMS configuration by tricki... Read more
- EPSS Score: %0.14
- Published: Sep. 14, 2021
- Modified: Nov. 21, 2024
-
7.7
HIGHCVE-2021-37200
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). An attacker with access to the webserver of an affected system could download arbitrary files from the underlying filesystem by sending a specially crafted HTTP request.... Read more
- EPSS Score: %2.26
- Published: Sep. 14, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-37199
A vulnerability has been identified in SINUMERIK 808D (All versions), SINUMERIK 828D (All versions < V4.95). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-... Read more
- EPSS Score: %0.14
- Published: Oct. 12, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-37197
A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web ... Read more
Affected Products : comos- EPSS Score: %0.72
- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-37196
A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.3 (All versions >= V10.3.3.3 only if web components are used), COMOS V10.4... Read more
Affected Products : comos- EPSS Score: %0.34
- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-37195
A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web ... Read more
Affected Products : comos- EPSS Score: %0.53
- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-37194
A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web ... Read more
Affected Products : comos- EPSS Score: %0.24
- Published: Feb. 09, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-37189
An issue was discovered on Digi TransPort Gateway devices through 5.2.13.4. They do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session.... Read more
- EPSS Score: %0.19
- Published: Dec. 10, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-37188
An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may load customized firmware (because the bootloader does not verify that it is authentic), changing the behavior of the gateway.... Read more
- EPSS Score: %0.26
- Published: Dec. 10, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-37187
An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may read a password file (with reversible passwords) from the device, which allows decoding of other users' passwords.... Read more
- EPSS Score: %0.31
- Published: Dec. 10, 2021
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2021-37186
A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All versions < V2.2), SIMATIC RTU3010C (All versions < V4.0.9), SIMATIC RTU3030C (All versions < V4.0.9), SIMATIC RTU3031C (All versions < V4.0.9), SIMATIC RTU3041C... Read more
- EPSS Score: %0.16
- Published: Sep. 14, 2021
- Modified: Nov. 21, 2024